troubleshooting Question

SMTP Send Logs and Spam

Avatar of cfwirth
cfwirth asked on
Exchange
1 Comment1 Solution1084 ViewsLast Modified:
I believe we are having spam sent through our Exchange 2007 server.  Below is an excerpt from one of the SMTP send logs.  I have made a configuration change in our Sonicwall firewall to only allow outbound SMTP port 25 to be used by the Exchange server but I am still seeing in the SMTP send logs messages with a MAIL FROM: <>.  Is it possible that the either the Exchange server has a spam bot or that it is being used as an open SMTP relay?  I thought SMTP relay was turned off by default. We have been blacklisted only by backscatterer.org at this time. How would I go about trying to figure what the problem is? Thanks.


10.0.0.16:25056,85.115.58.190:25,>,MAIL FROM:<> SIZE=11126,
10.0.0.16:25056,85.115.58.190:25,>,RCPT TO:<lesliedevorah@alfa.com>,
10.0.0.16:25056,85.115.58.190:25,<,250 2.0.0 Reset state,
10.0.0.16:25056,85.115.58.190:25,<,250 2.1.0 <>... Sender ok,
10.0.0.16:25056,85.115.58.190:25,<,250 2.1.5 <lesliedevorah@alfa.com>... Recipient ok,
10.0.0.16:25056,85.115.58.190:25,>,DATA,
10.0.0.16:25056,85.115.58.190:25,<,"354 Enter mail, end with ""."" on a line by itself",
10.0.0.16:25056,85.115.58.190:25,<,451 4.3.2 Please try again later,
10.0.0.16:25056,85.115.58.190:25,>,QUIT,
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 1 Answer and 1 Comment.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 1 Comment.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros